package org.grow.loginto.security;

import org.grow.loginto.entity.RoleInfo;
import org.grow.loginto.entity.UserInfo;
import org.grow.loginto.exception.JulyException;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.vote.RoleVoter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.FilterInvocation;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;

import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;

/**
 * @Author: xwg
 * @CreateDate: 21-6-14
 */
@Component
public class ColdVoter extends RoleVoter {
  /*  @PostConstruct
    public void init() {
        this.setRolePrefix("");
    }*/

    @Override
    public boolean supports(ConfigAttribute attribute) {
        return true;
    }

    @Override
    public boolean supports(Class<?> clazz) {
        return true;
    }

    @Override
    public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {

//        System.out.println("跟踪vote 中的 object "+object.getClass()+"==>"+object);
        FilterInvocation filterInvocation = (FilterInvocation) object;
        HttpServletRequest httpRequest = filterInvocation.getHttpRequest();
        String requestURI = httpRequest.getRequestURI();
        System.out.println("voter:用户和角色信息"+authentication.getName()+authentication.getPrincipal());
        System.out.println("voter:对"+requestURI+"进行投票");
        UserInfo principal = (UserInfo) authentication.getPrincipal();
        Collection<? extends GrantedAuthority> authorities = principal.getAuthorities();
        System.out.println("voter:用户关联的角色： "+authorities);
        System.out.println("voter:资源关联的角色： "+attributes);
        int vote = -1;
        if (CollectionUtils.isEmpty(attributes)){
            System.out.println("资源没有设置对应角色，默认是开发模式，不予拦截");
           vote =ACCESS_GRANTED;
        }
        for (ConfigAttribute attribute : attributes) {
            for (GrantedAuthority authority : authorities) {
                if (attribute.getAttribute().equals(authority.getAuthority()))
                    vote= ACCESS_GRANTED;
            }
        }

        System.out.println("voter: 这次的投票结果是: "+vote);
        return vote;
//        if (authentication == null) {
//            return ACCESS_DENIED;
//        }
//        int result = ACCESS_ABSTAIN;
//        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
//        for (ConfigAttribute attribute : attributes) {
//            for (GrantedAuthority authority : authorities) {
//                if (attribute.getAttribute().equals(authority.getAuthority())) {
//                    System.out.println("获得匹配");
//                    return ACCESS_GRANTED;
//                }
//            }
//
//        }
//        return result;
    }
}
